Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

workie (1754464) writes "Using data derived from website infections, RescueTheWeb.org has found several interesting link spam architectures. One architecture is where concentric layers of hijacked websites are used to increase the page rank and breadth of reach (within search engine search results) of scam sites. The outer layers link to the inner layers, eventually linking to a site that redirects the user to the scam site. Another architecture involves hijacked sites that redirect the user to fake copies of Google, having the appearance that the visitor is still within Google, but in reality they are on a Google look alike that contains only nefarious links."Link to Original Source

workie (1754464) writes "Comparing the PHP version used by 58,000 PHP websites to the public vulnerability data at the National Vulnerability Database (NVD) reveals that 80% of the surveyed websites have the worst possible Common Vulnerability Scoring System (CVSS) score of 10. PHP utilization data shows that website owners are not upgrading their software packages once they initially setup their website. Further data shows that nearly all versions of PHP (as well as most other software systems) are vulnerable. If all software has vulnerabilities (and it appears that they do), and no one (website owners and maintainers) are updating their software once they install it (which this data implies), then the result is that all websites that are more than one release cycle old are vulnerable."Link to Original Source